Test Kennung:	1.3.6.1.4.1.25623.1.0.880622
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for wireshark CESA-2010:0360 centos5 i386
Zusammenfassung:	The remote host is missing an update for the 'wireshark'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'wireshark' package(s) announced via the referenced advisory. Vulnerability Insight: Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2 dissectors. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2009-4377) Several buffer overflow flaws were found in the Wireshark LWRES dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2010-0304) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2009-2560, CVE-2009-2562, CVE-2009-2563, CVE-2009-3550, CVE-2009-3829) Users of Wireshark should upgrade to these updated packages, which contain Wireshark version 1.0.11, and resolve these issues. All running instances of Wireshark must be restarted for the update to take effect. Affected Software/OS: wireshark on CentOS 5 Solution: Please install the updated packages. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2560 BugTraq ID: 35748 http://www.securityfocus.com/bid/35748 BugTraq ID: 36846 http://www.securityfocus.com/bid/36846 Debian Security Information: DSA-1942 (Google Search) http://www.debian.org/security/2009/dsa-1942 http://www.mandriva.com/security/advisories?name=MDVSA-2009:194 http://www.openwall.com/lists/oss-security/2009/07/22/2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10403 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6416 http://secunia.com/advisories/35884 http://secunia.com/advisories/37175 http://secunia.com/advisories/37409 http://secunia.com/advisories/37477 http://www.vupen.com/english/advisories/2009/1970 http://www.vupen.com/english/advisories/2009/3061 XForce ISS Database: wireshark-radius-dissector-dos(54019) https://exchange.xforce.ibmcloud.com/vulnerabilities/54019 Common Vulnerability Exposure (CVE) ID: CVE-2009-2562 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3564 http://www.openwall.com/lists/oss-security/2009/09/18/2 http://www.openwall.com/lists/oss-security/2009/09/17/15 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11643 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5625 Common Vulnerability Exposure (CVE) ID: CVE-2009-2563 http://www.mandriva.com/security/advisories?name=MDVSA-2010:031 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11210 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6321 Common Vulnerability Exposure (CVE) ID: CVE-2009-3550 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10103 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6005 XForce ISS Database: wireshark-dcerpcnt-dos(54017) https://exchange.xforce.ibmcloud.com/vulnerabilities/54017 Common Vulnerability Exposure (CVE) ID: CVE-2009-3829 CERT/CC vulnerability note: VU#676492 http://www.kb.cert.org/vuls/id/676492 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5979 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9945 Common Vulnerability Exposure (CVE) ID: CVE-2009-4377 BugTraq ID: 37407 http://www.securityfocus.com/bid/37407 Debian Security Information: DSA-1983 (Google Search) http://www.debian.org/security/2009/dsa-1983 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01248.html http://osvdb.org/61178 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9564 http://www.securitytracker.com/id?1023374 http://secunia.com/advisories/37842 http://secunia.com/advisories/37916 http://www.vupen.com/english/advisories/2009/3596 Common Vulnerability Exposure (CVE) ID: CVE-2010-0304 BugTraq ID: 37985 http://www.securityfocus.com/bid/37985 http://www.debian.org/security/2010/dsa-1983 http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036415.html http://anonsvn.wireshark.org/viewvc/trunk-1.2/epan/dissectors/packet-lwres.c?view=diff&r1=31596&r2=28492&diff_format=h http://www.metasploit.com/modules/exploit/multi/misc/wireshark_lwres_getaddrbyname http://www.openwall.com/lists/oss-security/2010/01/29/4 http://osvdb.org/61987 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8490 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9933 http://www.securitytracker.com/id?1023516 http://secunia.com/advisories/38257 http://secunia.com/advisories/38348 http://secunia.com/advisories/38829 http://www.vupen.com/english/advisories/2010/0239 XForce ISS Database: wireshark-lwres-bo(55951) https://exchange.xforce.ibmcloud.com/vulnerabilities/55951
Copyright	Copyright (c) 2011 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.